Protect yourself against identity theft
Here are some recommendations to help protect you against identity thieves.
- If you get an e-mail or pop-up message that asks for personal or financial information, do not reply; in fact don't even click on the link in the message. Legitimate companies don't ask for this information via e-mail. If you are concerned about your account, contact the organisation in the e-mail using a telephone number you know to be genuine, or open a new Internet browser session and type in the company's correct web address.
- Be cautious of browser add-ons that websites may request you download to allow access to content.
- Don't e-mail personal or financial information. E-mail is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization's website, look for indicators that the site is secure, like a padlock icon on the browser's status bar or a URL for a web site that begins "https:" (the "s" stands for "secure"). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
- Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
- If you do a lot on online transactions, perhaps consider getting a separate credit card with a low credit limit for this sole purpose.
- Use antivirus software and keep it up-to-date. Some phishing e-mails contain malicious software that can harm your computer or track your activities on the Internet without your knowledge.
- Use secure web browser configurations or security solutions to help protect you from malicious websites
- Always keep your computer operating system and web browser software up to date.
- Be cautious about opening any attachment or downloading any files from e-mails you receive, regardless of who sent them.
- If you get a message that is phishing for personal information, contact the ITS Service Desk to find out if it has been reported. If you are able to confirm that the message in question has not yet been reported, then it should be forwarded, with full headers, to the ITS Service Desk so it can be blocked.